Today is...
Wednesday, June 26, 2019
Welcome to Control.com, the global online
community of automation professionals.
Featured Video...
Featured Video
Watch an animation of a conveyor stacking operation demonstrating the use of a move on a gear command.
Our Advertisers
Help keep our servers running...
Patronize our advertisers!
Visit our Post Archive
System Configuration for Railway Signalling and Interlocking Applications
An alternative and open control system for railway signalling and interlocking application

Hi everyone,

I am a newbie in here. I am associated with a rail integrator company in Finland, which is specialized in providing EN 50126/50128/50129 SIL 4 solutions in railway signalling and interlocking. We have been using HIMA PLCs (HIMax and HIMatrix), HIMA's proprietary OS (of which I have no idea about) and HIMA's software platform SILworX for our applications. All of these are SIL 4 certified. Although we are pretty satisfied with HIMA's performances till now, we are also looking for some alternative solutions which are open. We are looking at the following possibilities:

Hardware: Artesyn's ControlSafe Platform / MEN Mikro Gmbh's MH50C

OS: VxWorks/QNX/PikeOS/Integrity

IDE: SCADE (Ansys), Flexisafe (Infoteam), Prover

I would love to have some opinions on these. Which ones would be better? Or any other alternatives, especially on software platforms (Matlab, Codesys?)

Thanks in advance!

1 out of 1 members thought this post was helpful...

hi argon,

HIMA kit generally has a very good reputation in the Petro-Chem industry, so no doubt likewise in the Rail/Transport sector.
I have not used either Artesyn or MEN Mikro's whilst in the rail industry which both are clearly targeted.

SIL4 is a very hard standard to achieve - have you attempted any calculations?

Have you looked very closely at the Certificates; equipment quoted may be capable of SIL rating only if surrounding periphery
is also capable of being rated (in this case including Software).

Not all Artesyn hardware is dual redundant, and I would suspect nothing less than 2oo3/triplicated fault tolerant hardware would
achieve SIL4 within a working system.

Likewise for MEN Mikro Gmbh's MH50C, which does claim 'up to SIL4' but has a Certificate which expressly excludes any power supply!

You should have independent auditors/Consultants within your company working in this environment. Perhaps you could provide extracts of their reports justifying such high ratings.